Ransomware: it’s a term and form of fraud that many businesses have become all too familiar with in recent years. A form of malware, ransomware is used by bad actors to infiltrate a company’s IT platforms and essentially hold them hostage by freezing access to files and systems until payment is made by the company to the perpetrator. And by all accounts, ransomware crime is on the rise and is anticipated to become an even greater problem, largely due to the difficulty involved with identifying and prosecuting the offenders. In 2023, companies spent more than $1 billion in ransomware payments‡ and it’s projected that in 2031, there will be a ransomware attack on a business, consumer, or device every two seconds‡.
All of which raises the question: what can businesses do to prevent a ransomware attack, and what are the next steps if one happens?
Educate employees
The most common way ransomware attacks begin‡ is through phishing. In these instances, employees receive emails that seem as though they’re from a trusted source, so they click on links or open attachments, which in turn install malware onto the IT platforms and kick off the ransomware attack. To help foil phishing attempts, employee education is key. Create regular reminders for employees about warning signs of phishing attempts, including:
- Misspellings and incorrect grammar within the email
- Return addresses and hyperlinks that appear to be spoofed (the displayed name or link text does not match the actual address or destination)
- Urgent requests to click a link or open an attachment
- A message seemingly from a supervisor that is sent from an unknown platform
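The last three warning signs above are mechanical enough that a mail gateway or a security team can check for them automatically, which is a useful complement to employee reminders. The script below is an added example, not code from UMB or from any agency cited on this page: it parses a raw email with Python's standard library and flags a Reply-To that steers replies to a different domain, a display name claiming a supervisor title sent from outside the company's own domains, link text that shows one domain while the href points to another, and urgency phrases in the body. The trusted domain, the two sample messages and the phrase lists are all constructed for the example; the misspelling and grammar indicator is not covered, since that needs a language model rather than a rule.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Hypothetical organisation mail domains; constructed for this example.
TRUSTED_DOMAINS = {"example-corp.com"}

# Phrases that pressure the reader to act quickly (the "urgent request" indicator).
URGENCY_PHRASES = ("immediately", "urgent", "act now", "within 24 hours",
                   "account will be suspended")

# Titles a phisher might put in the display name to impersonate a supervisor.
AUTHORITY_RE = re.compile(r"\b(ceo|cfo|director|manager|supervisor)\b", re.I)

ANCHOR_RE = re.compile(r'<a\s[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)
DOMAIN_IN_TEXT_RE = re.compile(r"(?:[a-z0-9-]+\.)+[a-z]{2,}", re.I)
TAG_RE = re.compile(r"<[^>]+>")


def _domain_of(addr):
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""


def _same_site(a, b):
    # Crude registrable-domain check: compare the last two DNS labels.
    return a.split(".")[-2:] == b.split(".")[-2:]


def _body_text(msg):
    parts = []
    for part in msg.walk():
        if part.get_content_maintype() == "text":
            parts.append(part.get_payload(decode=True).decode("utf-8", "replace"))
    return "\n".join(parts)


def phishing_indicators(raw_message):
    """Return a list of (code, detail) findings for one raw RFC 5322 message."""
    msg = message_from_string(raw_message)
    findings = []

    from_name, from_addr = parseaddr(msg.get("From", ""))
    _, reply_addr = parseaddr(msg.get("Reply-To", ""))
    from_dom = _domain_of(from_addr)

    # Spoofed return address: replies are steered to a domain other than the sender's.
    if reply_addr and not _same_site(_domain_of(reply_addr), from_dom):
        findings.append(("reply_to_mismatch",
                         f"Reply-To {reply_addr} vs From domain {from_dom}"))

    # Display name claims a supervisor role, but the address is outside the company's domains.
    if from_dom and from_dom not in TRUSTED_DOMAINS and AUTHORITY_RE.search(from_name):
        findings.append(("external_authority_claim",
                         f"'{from_name}' sent from {from_dom}"))

    body = _body_text(msg)

    # Link text shows one domain while the href actually points to another.
    for href, text in ANCHOR_RE.findall(body):
        href_host = (urlparse(href).hostname or "").lower()
        shown = DOMAIN_IN_TEXT_RE.search(TAG_RE.sub("", text))
        if shown and href_host and not _same_site(shown.group(0).lower(), href_host):
            findings.append(("link_text_mismatch",
                             f"text shows {shown.group(0)} but href goes to {href_host}"))

    # Pressure to act now.
    plain = TAG_RE.sub(" ", body).lower()
    hits = [p for p in URGENCY_PHRASES if p in plain]
    if hits:
        findings.append(("urgency", ", ".join(hits)))

    return findings


# Constructed sample: a lure impersonating an executive from an unrelated domain.
PHISHING_SAMPLE = """From: "CEO Dana Reyes" <dana.reyes@mail-relay-7.example.net>
Reply-To: dana.reyes@fast-docs.example.org
To: staff@example-corp.com
Subject: Urgent: invoice approval needed
Content-Type: text/html; charset="utf-8"

<p>Please approve <b>immediately</b>; the account will be suspended otherwise.</p>
<p>Open the document: <a href="http://login.secure-portal.example.net/doc">https://docs.example-corp.com/invoice</a></p>
"""

# Constructed sample: a routine internal notice with a matching link.
BENIGN_SAMPLE = """From: "IT Helpdesk" <helpdesk@example-corp.com>
To: staff@example-corp.com
Subject: Monthly maintenance window
Content-Type: text/html; charset="utf-8"

<p>Systems will be patched on Saturday night. Details: <a href="https://intranet.example-corp.com/maint">intranet.example-corp.com</a></p>
"""

if __name__ == "__main__":
    for label, sample in (("phishing", PHISHING_SAMPLE), ("benign", BENIGN_SAMPLE)):
        print(label, phishing_indicators(sample))
```

Each finding carries a short code so the same output can feed a mail filter, a SIEM rule or a training report; the domain comparison is deliberately coarse (last two labels) and would need a public-suffix list before use on real traffic.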
Gamifying phishing exercises can be a way to engage employees to stay alert and be mindful of attempts; to increase participation, consider providing rewards or recognition to associates who are the most frequent flaggers of phishing tests. The U.S. Cyber Defense Agency has additional information‡ about how employers can help employees avoid phishing attempts.
Protect your processes
As the saying goes, an ounce of prevention is worth a pound of cure. In addition to educating employees, bolstering your IT systems can go a long way in preventing ransomware attacks as well as mitigating any that may occur. The U.S. Cyber Defense Agency‡ recommends that you:
- Create backups of your critical systems and data
- Implement multi-factor authentication
- Patch systems and software
- Develop Incident Response Plan(s) and Business Continuity Operations Plans
- Conduct a cybersecurity risk analysis
- Segment critical systems
- Perform penetration tests on your systems
Responding to ransomware
The FBI does not recommend paying ransom to unfreeze IT systems. This is for a variety of reasons, including:
- Paying the ransom does not guarantee that the fraudster will release your data rather than sell it to another party
- Providing payment may increase the likelihood of another attack
Notably, 84.5% of businesses victimized by ransomware in 2023‡ worked their way out of the situation without payment.
If your business is impacted by a ransomware attack, the best next step is to file a notice at the Internet Crime Complaint Center‡.
Ransomware attacks pose a very real threat to businesses, but by taking proactive steps to align your teams, your processes, and your response strategy, you can help protect your company from business disruption and paying an unnecessary price to bad actors.
If you are interested in learning more about how UMB can help your business, visit our website.
When you click links marked with the “‡” symbol, you will leave UMB’s website and go to websites that are not controlled by or affiliated with UMB. We have provided these links for your convenience. However, we do not endorse or guarantee any products or services you may view on other sites. Other websites may not follow the same privacy policies and security procedures that UMB does, so please review their policies and procedures carefully.